JP2010212972A - Image reading apparatus and image reading system - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide an image reading apparatus and image reading system, for preventing a read image file from being downloaded by any other user even if the contents of electronic mail are leaked, in the image reading system (network scan) for sending, by the electronic mail, a URL of the page for downloading the read image file. <P>SOLUTION: When image data is read by an image reader 130, the page to download image data is registered to a Web server unit 111 as a Web page, and then with address information instructed from an operator as a destination, mail, on which the URL of the download page and a password 2 is described, is transmitted. If a terminal to download the image data is reliable, authentication is performed by only using the password 2, but if a terminal to download the image data is unreliable, authentication is performed by using the password 2 together with a password 1 beforehand registered by a user. <P>COPYRIGHT: (C)2010,JPO&INPIT

Description

  The present invention relates to an image reading apparatus and an image reading system.

  In recent years, there is an image reading apparatus that uploads an image file read by an image reading apparatus (scanner apparatus) connected to a network to a server and transmits a URL (Uniform Resource Locator) of the upload destination to a terminal by e-mail.

  In Patent Document 1, an image file read from a document is stored in a server device so that only a person who knows an automatically generated password can download it with a Web browser, and the image file is stored at a specified address. A scan mail transmission device and a scan mail transmission system that can download an image file that is read only by a specific person by transmitting an e-mail in which a URL and a password for downloading the URL are downloaded Proposed.

JP 2004-86731 A

  In an image reading system in which the URL of a page for downloading a read image file is sent by e-mail, an image reading apparatus and an image reading system that prevent the image file from being downloaded by another user even if the content of the e-mail is leaked The purpose is to provide.

  In order to achieve the above object, the image reading apparatus of the invention of claim 1 accepts a storage means for storing a first password corresponding to an e-mail address, and an image reading registration request specifying the e-mail address, Registration means for registering image data read by the image reading means at a destination on the Web; password generation means for generating a second password; Web registration destination for the read image data; and the second password Depending on the determination result of the mail transmission means for transmitting an e-mail to the mail address, the reliability determination means for determining the reliability of the access request source for the access request to the destination on the Web, and the determination result by the reliability determination means Authentication means for performing a combination of the first and second passwords, and when the authentication by the authentication means is successful, at the time of the access request Configured to comprise an access control means permits access to the constant has been the Web registration destination.

  Further, in the invention of claim 2, in the invention of claim 1, when the authenticating means determines that the access request source can be trusted by the reliability determining means, a second password is given to the access request source. And when the reliability determination means determines that the access request source is not reliable, the access request source is requested to authenticate by requesting the second password and the first password. The

  According to a third aspect of the present invention, in the first or second aspect of the present invention, the password generating unit is configured to generate a second password based on the image data read by the image reading unit.

  According to a fourth aspect of the present invention, in the first to third aspects of the invention, the reliability determination means is configured to determine the reliability based on an identification address unique to the determined access request source. The

  The invention according to claim 5 is the invention according to any one of claims 1 to 4, wherein the reliability determining means determines that the access request source to be determined is the second password and the first password last time. If the authentication according to the request is successful, the access request source is determined to be reliable.

  The invention according to claim 6 is the invention according to any one of claims 1 to 5, wherein the reliability determination means, when the access request source to be determined is registered as reliable in advance, the access is determined. The request source is configured to be trusted.

  The invention according to claim 7 is the invention according to any one of claims 1 to 6, wherein the reliability determination means, when the access request source to be determined is registered in advance as unreliable, It is configured to determine that the requester is not trusted.

  The invention according to claim 8 is the invention according to any one of claims 1 to 7, wherein the reliability determination means is configured such that the access request source to be determined makes the access request via a proxy. , Configured to determine that the access request source is unreliable.

  An image reading system according to a ninth aspect of the present invention includes an image reading device that reads image data by an image reading unit, and a terminal device that has an e-mail address. The image reading device corresponds to the e-mail address. Storage means for storing the first password, registration means for accepting an image reading registration request specifying the mail address, and registering image data read by the image reading means at a destination on the Web, and a second Password generation means for generating a password for the image, a Web registration destination for the read image data, a mail transmission means for sending an e-mail including the second password to the mail address, and an access request to the destination on the Web Reliability determination means for determining the reliability of the access request source, and the determination result by the reliability determination means And an authentication means for performing authentication by combining the first and second passwords, and an access control means for permitting access to the Web registration destination designated at the time of the access request when authentication by the authentication means is successful. And the terminal device transmits a request unit that makes an access request to the Web registration destination described in the e-mail transmitted by the mail transmission unit, and a transmission unit that transmits a password according to authentication by the authentication unit And acquisition means for acquiring the image data from the Web registration destination permitted to be accessed by the access control means.

  According to the first aspect of the present invention, even if the mail transmitted by the mail transmitting means is stolen by a third party, an access request by the third party can be rejected.

  According to the invention of claim 2, even if the third party steals the mail transmitted by the mail transmission means, the access request by the third party is rejected by the first password which is not known to the third party. .

  According to the invention of claim 3, the second password is generated based on the read image data.

  According to the invention of claim 4, even if the mail transmitted by the mail transmitting means is stolen by a third party, the access request by the third party can be rejected.

  According to the invention of claim 5, even if the mail transmitted by the mail transmitting means is stolen by a third party, the access request by the third party can be rejected.

  According to the invention of claim 6, reliable access request sources are registered in advance.

  According to the invention of claim 7, unreliable access request sources are registered in advance.

  According to invention of Claim 8, even if the mail transmitted by the mail transmission means is seen by a third party, an access request by the third party can be rejected.

  According to invention of Claim 9, even if the mail transmitted by the mail transmission means is seen by a third party, an access request by the third party can be rejected.

1 is a schematic diagram showing a configuration of an image reading system 1. FIG. 5 is a flowchart showing processing of an address book management operation unit 122. The figure which shows management of the password 1. FIG. The figure which shows management of address book information. 5 is a flowchart showing processing in the image reading apparatus 100. 5 is a flowchart showing processing in the image reading apparatus 100. 5 is a flowchart showing processing in the image reading apparatus 100. The figure which shows a mode that a transmission destination is selected. The schematic diagram which shows the email transmitted. The schematic diagram which shows the process of PC10 which received the email. The flowchart which shows the process of the accessed Web server part 111. FIG. The figure which showed the conditions of reliability determination. The figure which shows the display part 11 of PC10 which accesses the Web server part 111. FIG. The flowchart which shows the process in which a web page is stored. The schematic diagram which shows the content etc. of the email to the transmission destination in 2nd Example. The schematic diagram which shows the address book information etc. in 3rd Example.

  Hereinafter, embodiments of the present invention will be described in detail with reference to the accompanying drawings.

  First, the image reading system 1 will be described with reference to FIG.

  FIG. 1 is a schematic diagram showing the configuration of the image reading system 1.

  As shown in FIG. 1, the image reading system 1 is configured by a personal computer 10-1, a personal computer 10-2, and an image reading apparatus 100 that are communicably connected via a communication line 2.

  The personal computer 10-1 and the personal computer 10-2 have the same configuration, but have different mail addresses.

  The personal computer 10-1 and the personal computer 10-2 are collectively referred to as a personal computer 10 (hereinafter referred to as a PC 10).

  The PC 10 includes a display unit 11, an input unit 12, a storage unit 13, and a control unit 14.

  The display unit 11 includes a display and provides information to the user.

  The input unit 12 includes a keyboard and a mouse, and receives instructions from the user.

  The storage unit 13 includes a RAM (Random Access Memory), a ROM (Reed Only Memory), and a hard disk, and stores an OS and mail software for operating the PC 10, a browser program for browsing the Internet, and the like.

  The control unit 14 is configured by a CPU (Central Processing Unit), and controls the PC 10 in an integrated manner, and controls programs such as mail software and a browser.

  The image reading apparatus 100 includes a controller 110, an operation panel 120, and an image reading unit 130. The controller 110 includes a Web server unit 111, a Web page registration unit 112, a data format unit 113, an image processing unit 114, and a notification mail creation unit. 115, a destination management unit 116, an address book management unit 117, and a scan job control unit 118. The operation panel 120 has an address book display / selection unit 121, an address book management operation unit 122, a scan parameter input unit 123, a scan. An instruction unit 124 is included.

  The Web server unit 111 stores a page described in HTML (HyperText Markup Language), and transmits the page after various password authentications to a terminal (PC 10) connected to the Web server unit 111 via the communication line 2.

  The HTML language page stored in the Web server unit 111 is a page for downloading an image file, and the Web server unit 111 also stores the image file.

  The web page registration unit 112 creates pages described in HTML so that the PC 10 can browse image files formatted by the data format unit 113 described below, and stores them in the web server unit 111.

  The data format unit 113 performs processing for converting the image data processed by the image processing unit 114 into a format (JPEG (Joint Photographic Experts Group), TIFF (Tagged Image File Format), etc.) specified by the user.

  The image processing unit 114 performs color conversion processing for improving image quality, rotation processing for adjusting the orientation of the image, and the like on the image data read by the image reading unit 130 in accordance with parameters specified by the user. .

The notification mail creating unit 115 is an e-mail in which the URL that is the address of the Web server unit 111 for downloading the image file and the password 2 that is the password for opening the download page are addressed to the designated PC 10 Is generated and transmitted to the destination PC 10. (In the image reading system 1, there are two types of passwords, password 1 and password 2.)
The transmission destination management unit 116 includes a RAM, and stores transmission destination information that is a destination of the electronic mail created by the notification mail creation unit 115.

  The destination information stored in the destination management unit 116 is information selected by the address book display / selection unit 121 from the address book information managed by the address book management unit 117.

  The address book management unit 117 stores and manages address book information.

  The address book information is information in which “user name” of the user who operates each PC 10, “mail address” of each PC 10, and “password 1” which is a password set by each user are described.

  The scan job control unit 118 controls the image reading unit 130.

  The address book display / selection unit 121 included in the operation panel 120 displays the address book information stored and managed in the address book management unit 117 to the user, and the image data read by the image reading unit 130 from the user. Accept selection of destination to send.

  The transmission destination received by the address book display / selection unit 121 is the destination of the email created by the notification email creation unit 115.

  Then, address book display / selection unit 121 sends the received transmission destination information as transmission destination information to transmission destination management unit 116.

  The address book management operation unit 122 accepts input of the user “user name”, “mail address”, and “password 1” stored and managed in the address book management unit 117 by the user's operation.

  The scan parameter input unit 123 receives parameters of processing performed by the image processing unit 114 and the data formatting unit 113 on the image data read by the image reading unit 130 by a user operation.

  The scan instruction unit 124 receives an instruction for reading an image of a document set on the image reading unit 130 from a user.

  The image reading unit 130 performs scanning to receive reflected light while irradiating the set original with light, and acquires image data of the original.

  In the image reading system 1 configured as described above, “password 1” that is a password individually set by the user is stored in the address book management unit 117 for each user who operates each PC 10.

  When the user sets a document on the image reading unit 130 and selects a transmission destination of an image file read from the document, an e-mail is transmitted to the selected transmission destination, and an image file download page is included in the e-mail. And a password 2, which is a password for browsing, are written.

  The recipient of the e-mail accesses the URL in the e-mail using the password 2 written in the e-mail or, in some cases, the preset password 1, and downloads the image file.

  In the image reading system 1, two passwords are used in some cases when downloading an image file, so that security is ensured even if the contents of an e-mail are leaked.

  Next, processing for registering an e-mail transmission destination and registering a password 1 performed in the address book management operation unit 122 of the image reading apparatus 100 will be described with reference to FIG.

  FIG. 2 is a flowchart illustrating processing performed by the address book management operation unit 122 of the image reading apparatus 100.

  First, the address book management operation unit 122 accepts the input of the “user name” of the user using the PC 10 and the “mail address” of the PC 10 (step 201).

  Then, the address book management operation unit 122 accepts the input of the password corresponding to the user accepted in step 201 as “password 1” (step 202).

  The password 1 accepted in step 202 is a password determined by the user that is input to the address book management operation unit 122.

  As shown in FIG. 3, the user who has entered the password 1 in step 202 manages the password 1 uniquely by storing it in the PC 10 used by the user or writing it in the password management ledger.

  As described above, the “user name”, “mail address”, and “password 1” received by the address book management operation unit 122 are stored and managed in the address book management unit 117 as one piece of address information.

  The address information stored in the address book management unit 117 includes not only the input from the address book management operation unit 122 but also dedicated utility software from the PC 10 that can communicate with the image reading apparatus 100 via the communication line 2. It is also created by input.

  Next, address information stored and managed in the address book management unit 117 will be described with reference to FIG.

  FIG. 4 is a schematic diagram showing address information stored and managed in the address book management unit 117.

  The address information of “user name”, “mail address”, and “password 1” received by the address book management operation unit 122 is numbered and stored as shown in FIG.

  Further, the password 1 of the address information stored and managed in the address book management operation unit 122 can be changed by an operation from the address book management operation unit 122.

  When the password 1 stored and managed in the address book management operation unit 122 is changed, as shown in FIG. 4B, the input of the currently set password 1 is requested, and the changed password 1 Password 1 entry is required. Such processing prevents the password 1 from being altered by other users.

  Further, as shown in FIG. 4C, an address stored and managed by the address book management operation unit 117 is configured by requiring an administrator password to be input at the start of the operation of the address book management operation unit 117. Security of the entire information can be maintained.

  When the address information is displayed to the administrator or the user by the address book management operation unit 122, the password 1 is displayed as “*” so that the contents cannot be confirmed.

  Next, processing performed in the image reading apparatus 100 will be described with reference to FIGS. 5, 6, and 7.

  5, 6, and 7 are flowcharts illustrating processing performed by the image reading apparatus 100.

  In the image reading apparatus 100, as shown in FIG. 5, the user operating the image reading apparatus 100 selects the transmission destination of the image file to be read from the document from the address book display / selection unit 121 (step 501).

  As shown in FIG. 8, a destination is selected from the address book display / selection unit 121. As shown in FIG. 8, a desired user is selected from users whose “user name” and “mail address” are displayed as address information. To do.

  As the destination information selected by the address book display / selection unit 121, “user name”, “mail address”, and “password 1” are stored in the destination management unit 116 as destination information.

  A user operating the image reading apparatus 100 sets a document to be read on the image reading unit 130 and inputs various parameters related to reading of the document from the scan parameter input unit 123 (step 502).

  The parameters input from the scan parameter input unit 123 are the resolution, color / monochrome, image file format (JPEG, TIFF, etc.) for storing the read image data, and the like.

  Then, the user instructs image reading from the scan instruction unit 124 (step 503).

  The image reading unit 130 instructed by the scan instruction unit 124 starts reading the image data of the set document (step 504).

  Here, the processing in step 504, which is a subroutine that is an image reading job, will be described in detail with reference to FIG.

  FIG. 6 is a flowchart for explaining in detail the image reading job of the subroutine 504.

  When an image reading instruction is given, the image reading unit 130 reads the image data of the set document as shown in FIG. 6 (step 601).

  The image data read by the image reading unit 130 is subjected to image processing by the image processing unit 114 according to the instructed parameter (step 602), and then converted into an image file of the format instructed by the data formatting unit 113. (Step 603).

  In this way, all the originals set in the image reading unit 130 are read as image data, and when the instructed image processing and conversion into image files are performed (YES in step 604), the data format unit 113 converts the document. The processed image file is sent to the web page registration unit 112, and a web page registration process is performed (step 605).

  Here, the process of step 605 which is a subroutine which is a registration process of the Web page will be described in detail with reference to FIG.

  FIG. 7 is a flowchart for explaining the Web registration process of the subroutine 605 in detail.

  When the image file processed by the data formatting unit 113 is sent to the web page registration unit 112, the web page registration unit 112 stores the sent image file in the web server unit 111 (step 701).

  Then, the web page registration unit 112 generates a password 2 (step 702).

  Password 2 is a password described in an e-mail sent to the destination.

  The password 2 may be generated based on the hash value of the image data stored in the Web server unit 111.

  Then, the web page registration unit 112 creates a web page in which the image file stored in the web server unit 111 can be downloaded in the HTML language (step 703).

  In step 703, the web page registration unit 112 creates a web page so that a link to an image file stored in the web server unit 111 is included.

  In step 703, the web page registration unit 112 performs password authentication by using password 2 for accessing the web page, or password 2 set by the password 2 and the transmission destination (selected in step 501). Create so that access is restricted.

  Then, the Web page registration unit 112 converts the Web page into a thumbnail (image data obtained by reducing the downloaded image data), the date and time when the image was read, and the image processing parameters specified by the user for the convenience of the user. It can also be created to display the format of the image file.

  Then, the web page registration unit 112 stores the web page created in step 703 in the web server unit 111 so that the web page registration unit 112 is accessed on the web so as to be accessed with a URL associated with the transmission destination (selected in step 501). Register (step 704).

  The URL associated with the transmission destination in step 704 is configured, for example, by writing the identification number of the transmission destination at the end of the URL.

  When a plurality of transmission destinations are selected in step 501, a different URL is set for each transmission destination. Each URL has an identification number for identifying a corresponding transmission destination at the end. These URLs are URLs of Web pages for downloading the same image file.

  Then, the web server unit 111 stores which destination the URL of the stored web page is associated with, and a password 2 for restricting access to the stored web page.

  For access to the Web page stored in the Web server unit 111, it is determined whether or not the access source can be trusted based on the IP address or MAC address of the access source. If it is not reliable, access restriction is performed so that the input of the password 2 and the password 1 is requested.

  When the created web page is stored in the web server unit 111, the notification mail creating unit 115 is stored as destination information in the destination management unit 116 that is the destination selected in step 501. Create an email to send to the destination.

  As shown in FIG. 9, the e-mail created by the notification mail creating unit 115 is the mail address of the transmission destination selected in step 501 based on the transmission destination information stored in the transmission destination management unit 116.

  FIG. 9 is a schematic diagram illustrating an email created by the notification email creation unit 115 of the image forming apparatus 100.

  Further, as shown in FIG. 9, the contents of the e-mail created by the notification mail creating unit 115 include the URL for accessing the web page stored in the web server unit 111 and the password created by the web page registration unit 112 in step 702. 2 is marked.

  In FIG. 9, the transmission destination is “Suzuki”, and the access URL to the Web page described in the content of the e-mail is a URL with “Suz001” at the end as indicated by reference numeral 901. This URL is a web page dedicated to Mr. Suzuki, and if this URL is accessed that requires password 1, Mr. “Suzuki” will be stored and managed in the address book management unit 117 assuming that access will be from Mr. “Suzuki”. Password 1 is used for password authentication.

  Thus, password authentication of password 1 is performed by creating a URL related to the transmission destination.

  Thus, the e-mail in which the URL of the download page and the password 2 created by the notification mail creating unit 115 is transmitted to the selected transmission destination (step 606).

  When a plurality of transmission destinations are selected by the address book display / selection unit 121 and transmission destination information of a plurality of transmission destinations is stored in the notification mail generation unit 115, a different URL is generated in step 704 for each transmission destination. Therefore, an e-mail in which the created URL is described is created for each URL and transmitted to the corresponding transmission destination.

  When the e-mail is transmitted, the destination information stored in the destination management unit 116 is deleted.

  When the e-mail is transmitted, the processing in the image reading apparatus 100 is temporarily terminated.

  Next, processing in the PC 10 to which the e-mail is transmitted will be described with reference to FIG.

  FIG. 10 is a schematic diagram illustrating processing in the PC 10 that has received an electronic mail sent from the image reading apparatus 100.

  In the PC 10 that has received the e-mail sent from the image reading apparatus 100, the e-mail is opened.

  As shown in FIG. 10, the user confirms the URL and password 2 described in the e-mail, and accesses the Web page described in the URL by the browser.

  The browser used at this time is a general-purpose one such as Internet Explorer or FireFox.

  Next, processing in the Web server unit 111 of the image reading apparatus 100 after the Web page of the Web server unit 111 is accessed from the browser of the PC 10 will be described with reference to FIG.

  FIG. 11 is a flowchart showing the processing in the Web server unit 111 after the Web page stored in the Web server unit 111 is accessed.

  The Web server unit 111 determines the reliability of the accessed PC 10 based on the IP address, MAC address, and the like (step 1101).

  As shown in FIG. 12, the determination of the reliability of the PC 10 is determined to be reliable if included in a predetermined condition, and is determined to be unreliable if included in the predetermined condition.

  Here, conditions that are determined to be reliable and conditions that are determined to be unreliable will be described with reference to FIG.

  FIG. 12 is a diagram illustrating conditions that are determined to be reliable and conditions that are determined to be unreliable.

  As shown in FIG. 12, one of the conditions determined to be reliable is to first identify the IP address or MAC address of the accessing PC 10, and that address succeeded in double authentication with the previous password 2 and password 1. This is the case of the terminal that has been used.

  In addition, as shown in FIG. 12, one of the other conditions determined to be reliable is to identify the IP address or MAC address of the accessing PC 10 and to register the address as a reliable terminal in advance. This is the case.

  In addition, as shown in FIG. 12, one of the other conditions determined to be reliable is the range in which the IP address or MAC address of the accessing PC 10 is identified and the address is registered in advance as reliable. The IP address or MAC address in the network.

  Then, as shown in FIG. 12, one of the conditions determined to be unreliable is to identify the IP address or MAC address of the PC 10 that has accessed, and the address is within the range registered in advance as unreliable. This is the case of an IP address or a MAC address.

  One of the other conditions determined as unreliable is when the access to the Web server unit 111 is access via a proxy.

  As described above, there are a plurality of conditions that are determined to be reliable and conditions that are determined to be unreliable. However, a condition based on a logical sum combining a plurality of conditions or a combination of a plurality of conditions is determined. Judgment can be performed under conditions based on logical products.

  As a result of the determination based on such conditions, if it is determined that the accessing PC 10 is reliable (in the case where it is reliable in step 1101), the PC 10 is requested to input the password 2 as shown in FIG. (In this case, password 1 is not required).

  FIG. 13A is a schematic diagram of a screen for requesting the password 2 displayed on the display unit 11 of the PC 10.

  If it is determined that the PC 10 that has accessed the Web server unit 111 is not reliable (when it is not reliable in step 1101), the password 10 and the password 1 are input to the PC 10 as shown in FIG. Request.

  FIG. 13B is a schematic diagram of a screen for requesting the password 2 and the password 1 displayed on the display unit 11 of the PC 10.

  The password 2 is a password described in an e-mail sent to the PC 10. However, since the password 1 is a password set in advance by the user, the e-mail is temporarily entered when the input of the password 1 is requested. Even if it is leaked on the communication path or the like, the identity can be confirmed.

  Even if the contents of an e-mail are leaked, it is difficult for a person who uses the contents to access the “reliable” PC 10. Input of the set password 1 is required.

  The Web server unit 111 confirms whether the password input from the PC 10 is the same as the password 2 stored in association with the Web page being accessed.

  Also, the Web server 111 determines the sender associated with the password entered from the PC 10 and the password 1 based on the URL of the Web page being accessed, and stores it in the address book management unit 117. The correct password 1 of the sender is obtained from the address book information and authenticated.

  If the password is confirmed to be correct in this way (YES in step 1104), as shown in FIG. 13C, a transition is made to a page where an image file can be downloaded on the accessed web page ( Step 1105).

  The user downloads the image file stored in the Web server unit 111 to the PC 10 from the page where the image file shown in FIG.

  If it is confirmed in step 1104 that the password is not correct (NO in step 1104), the process ends without making a transition to a page where the image file can be downloaded.

  The web page created in step 703 is stored in a web server (not shown) outside the image reading apparatus 100 without providing the web server unit 111 in the image reading apparatus 100, and the web page (not shown) is stored from the PC 10. The server can also be configured to access a web page.

  At this time, an external Web server (not shown) stores the Web page, and stores password 1 and password 2 and the image file when the image file is downloaded from the Web page.

  The access restriction to the Web page that can download the image file stored in the Web server unit 111 has been described so that the access restriction configuration is incorporated when the Web page is created in the HTML language. It can also be configured such that password authentication by password 2 or password 1 and password 2 is performed by Web server unit 111 when an attempt is made to access a Web page stored in Web server unit 111 from PC 10. The processing of the image reading apparatus 100 in such a configuration is the same as the processing represented by the flowchart described with reference to FIGS. 5 and 6, but registration of the Web page described with reference to FIG. Since the processing is different, the Web page registration processing will be described below with reference to FIG.

  FIG. 14 is a flowchart illustrating processing for storing a Web page in the Web server unit 111 when the Web server unit 111 performs access restriction.

  As shown in FIG. 14, when the image file processed by the data formatting unit 113 is sent to the web page registration unit 112, the web page registration unit 112 stores the sent image file in the web server unit 111 (step 1401).

  Then, the web page registration unit 112 creates a web page for downloading the image file stored in the web server unit 111 in the HTML language (step 1402).

  When the Web page is created, the Web page registration unit 112 generates a password 2 (Step 1403).

  The web server unit 111 stores the web page created in step 1402 and registers it on the web so that access is restricted by the password 2 generated by the web page registration unit 112 (step 1404).

  When the registered Web page is accessed from the PC 10, the Web server unit 111 performs password authentication for the access from the PC 10, and the registered Web page is obtained after successful authentication by the password authentication. Access is allowed.

  The authentication by the Web server unit 111 is performed when the PC 10 accessing the Web page is determined to be reliable, and the authentication is performed using the password 2, and when the PC 10 accessing the Web page is determined to be unreliable. Authentication with password 2 and password 1 is performed.

  In the second embodiment, portions different from the first embodiment will be described.

  Components denoted by the same reference numerals as those in the first embodiment are not described because they have the same configurations as those described in the first embodiment.

  In the first embodiment, the URL of the Web page is made different for each e-mail transmission destination (selected in step 501) to identify the transmission destination, and the password 1 can be authenticated. In the second embodiment, when the user is requested to input “password 1”, the user is also requested to input “user name” or “mail address”.

  Thus, in the second embodiment, the URL described in the e-mail sent to the destination does not have an identification number for identifying the destination.

  Thus, even when there are a plurality of transmission destinations, the URL of the Web page where the image file is downloaded is expressed by one URL.

  The contents of the e-mail sent to the transmission destination accepted by the image reading apparatus 100 will be described with reference to FIG.

  FIG. 15A is a schematic diagram showing the contents of the e-mail sent to the transmission destination in step 606 of FIG.

  In the second embodiment, as shown in FIG. 15A, the URL written in the contents of the e-mail sent to the transmission destination has an identification number identifying the transmission destination user at the end of the URL. Absent.

  Thus, even when an e-mail is sent to a plurality of destinations, the URL described in the contents of the e-mail is the same URL. The batch transmission function of the e-mail software can be used to transmit at once.

  In the PC 10 to which an e-mail in which such a URL is written is transmitted, the URL is accessed by the user.

  As described in the first embodiment with reference to FIG. 11, when it is determined that the PC 10 that has accessed the Web server unit 111 is unreliable (in the case of unreliability in step 1101 in FIG. 11), the image reading apparatus As shown in FIGS. 15B and 15C, the “user name” (FIG. 15B) or “email address” (FIG. 15C) of the user who operates the PC 10 together with the password 2 and the password 1 is displayed. ) Is requested to the PC 10 (the processing in step 1103 in FIG. 11).

  As shown in FIGS. 15B and 15C, the access control requesting the input of the password 1, the password 2, and the “user name” (FIG. 15B) or the “mail address” (FIG. 15C) is as follows. It may be performed by a web page configured in the HTML language, or may be performed by the web server unit 111.

  Then, based on the input “user name” or “mail address”, the Web page is stored in the address book management unit 117 (if the authentication is performed by the Web server unit 111), the “ The correct password 1 corresponding to the “user name” or “mail address” is acquired, and it is determined whether or not the input password 1 is correct (the process in step 1104 following step 1103 in FIG. 11).

  As described above, in the second embodiment, the authentication of the password 1 is performed by acquiring and authenticating the correct password 1 based on the “user name” or “mail address” received by requesting the input together with the password 1.

  In the second embodiment, as in the first embodiment, of course, access control for determining the reliability of the PC 10 accessing the Web page and requesting a password or the like is performed at the Web page level created in the HTML language. It may be configured so that the Web server unit 111 performs.

  In the third embodiment, portions different from the first embodiment will be described.

  Components denoted by the same reference numerals as those in the first embodiment are not described because they have the same configurations as those described in the first embodiment.

  In the first embodiment, in order to enable password authentication of the password 1, the URL of the accessed Web page is different for each transmission destination and includes a URL corresponding to the transmission destination. Then, the user who will be accessed is determined based on the accessed URL, and the correct password 1 of the user is acquired.

  In the second embodiment, the user who has made an access request based on the inputted “user name” or “email address” by making an input request for the “user name” or “email address” of the user together with an input request for “password 1”. The correct password 1 was obtained.

  In the third embodiment, in addition to the user's “user name”, “mail address”, and “password 1”, the “IP address” of the terminal used by the user is also included in the address book information managed in advance by the address book management 117. It becomes a configuration to manage. The correct password 1 managed in the address book information is acquired based on the IP address of the terminal that has accessed the Web page stored in the Web server unit 111.

  First, in the first embodiment, the processing performed in the address book management operation unit 122 described with reference to FIG. 2 is the same as the processing in which the destination is registered in steps 201 and 202 in FIG. As shown in FIG. 6, in addition to the input of the user “user name”, “mail address”, and “password”, the “IP address” of the PC 10 that is the terminal used by the user is input.

  At this time, when the IP address is input, if the PC 10 is connected to the same subnet as the image reading apparatus 100, the MAC address of the PC 10 may be input.

  FIG. 16A is a schematic diagram showing the address book information input to the address book management unit 117 by the address book management operation unit 122.

  Then, the processing in step 704 described with reference to FIG. 7 of the first embodiment creates an ULR that does not have an identification number or the like for identifying the transmission destination.

  Therefore, the URL described in the contents of the e-mail sent to the destination described with reference to FIG. 9 of the first embodiment is the same URL even when sent to a plurality of destinations. An electronic mail having the same contents can be configured to be transmitted to a plurality of transmission destinations at once by using an electronic mail batch transmission function.

  In the PC 10 to which the e-mail is sent, the URL written in the e-mail is accessed as shown in FIG.

  If the Web server unit 111 receives the password 1 and the password 2 as shown in FIG. 16C due to the access restriction, the password is described in the address book management unit 117 based on the IP address of the PC 10 that is the accessing terminal. The correct password 1 corresponding to the IP address to be acquired is acquired, and password authentication is performed (the process in step 1104 in FIG. 11).

  As described above, in the third embodiment, the password 1 is authenticated based on the “IP address” of the accessing PC 10 and the correct password 1 corresponding to the “IP address” registered in the address book information in advance is acquired. Authentication is performed.

  In the third embodiment, as in the first embodiment, of course, access control for determining the reliability of the PC 10 accessing the Web page and requesting a password is performed at the Web page level created in the HTML language. It may be configured so that the Web server unit 111 performs.

  The present invention can be used in an image reading apparatus and an image reading system.

DESCRIPTION OF SYMBOLS 1 Image reading system 10, 10-1, 10-2 Personal computer 100 Image reading apparatus 111 Web server part 112 Web page registration part 113 Data format part 114 Image processing part 115 Notification mail preparation part 117 Address book management part 120 Operation panel 121 Address book display / selection unit 123 Scan parameter input unit 124 Scan instruction unit 130 Image reading unit

Claims (9)

Storage means for storing the first password corresponding to the email address;
A registration unit that accepts an image reading registration request specifying the e-mail address and registers the image data read by the image reading unit in a destination on the Web;
Password generating means for generating a second password;
A mail registration means for sending a Web registration destination of the read image data and an e-mail including the second password to the e-mail address;
A reliability determination means for determining a reliability of an access request source in response to an access request to a destination on the Web;
An authentication unit for performing authentication by combining the first and second passwords according to a determination result by the reliability determination unit;
An image reading apparatus comprising: an access control unit that permits access to the Web registration destination designated at the time of the access request when authentication by the authentication unit is successful. The authentication means includes
If it is determined by the reliability determination means that the access request source is reliable, the access request source is requested to request a second password, and the reliability determination means determines that the access request source is not reliable. 2. The image reading apparatus according to claim 1, wherein authentication is performed by requesting the second password and the first password from the access request source. The password generation means includes
The image reading apparatus according to claim 1, wherein the second password is generated based on the image data read by the image reading unit. The reliability determination means includes
The image reading apparatus according to claim 1, wherein reliability is determined based on an identification address unique to the determined access request source. The reliability determination means includes
The access request source that is determined determines that the access request source can be trusted if authentication according to the request for the second password and the first password was successful last time. 4. The image reading apparatus according to any one of 4 above. The reliability determination means includes
The image reading apparatus according to claim 1, wherein if the access request source to be determined is registered in advance as reliable, the access request source is determined to be reliable. The reliability determination means includes
The image reading apparatus according to claim 1, wherein when the access request source to be determined is registered in advance as unreliable, the access request source is determined to be unreliable. The reliability determination means includes
The image reading apparatus according to claim 1, wherein when the access request source to be determined makes the access request via a proxy, the access request source is determined to be unreliable. An image reading device for reading image data by an image reading means, and a terminal device having an e-mail address;
The image reading device includes:
Storage means for storing a first password corresponding to the email address;
A registration unit that accepts an image reading registration request specifying the e-mail address and registers the image data read by the image reading unit in a destination on the Web;
Password generating means for generating a second password;
A mail registration means for sending a Web registration destination of the read image data and an e-mail including the second password to the e-mail address;
A reliability determination means for determining a reliability of an access request source in response to an access request to a destination on the Web;
An authentication unit for performing authentication by combining the first and second passwords according to a determination result by the reliability determination unit;
An access control means for permitting access to the Web registration destination designated at the time of the access request when authentication by the authentication means is successful,
The terminal device
Request means for making an access request to the Web registration destination described in the e-mail sent by the mail sending means;
Transmitting means for transmitting a password according to authentication by the authenticating means;
An image reading system comprising: an acquisition unit configured to acquire the image data from the Web registration destination permitted to be accessed by the access control unit.

Images